Is it possible to use caveats where the allowed values are sourced from another system? Using CIDR example in the docs, would I be able to call an external service that would give me the freshest information on allowed IPs? Or am I maybe thinking about this wrong and it's expected that you alter your schema from your application based on user input? That feels pretty wrong to me, though.